To get HTTPS on your site, you need to follow two steps. First, you need to set up your SSL certificate. If you're using Bitnami, it's very straightforward. As per their documentation, you just need to run their HTTPS Configuration Tool:
Execute the following command and follow the prompts:
But going through this process only got me halfway there. I noticed that some .js calls were being made over HTTP, which caused CORS issues and generally stopped the membership features from working correctly. I tried setting up Apache Force HTTPS as per Bitnami's documentation and it didn't help.
The solution was the following, as per https://community.bitnami.com/t/how-to-get-https-working-80-redirect-loop-issues-resolved-ghost-gcp/55867/3:
There are two issues after setting up your SSL certificate. You'll notice your nav links have :80 appended to the end, and of course lack the S in https.
First part - Fix Ghost URL
Stop Ghost & open the Ghost config file:
sudo /opt/bitnami/ctlscript.sh stop
sudo vim /opt/bitnami/apps/ghost/htdocs/config.production.json
Edit the URL part to include the
http. Remove the
:80. Then, Enable Apache's protocol proxy pass.
sudo vim /opt/bitnami/apps/ghost/conf/httpd-app.conf
Add this to the top of the file:
RequestHeader set X-Forwarded-Proto "https"
sudo /opt/bitnami/ctlscript.sh start
... and you're set.
Thank you for reading.
Was this useful? Interesting? Have something to add? Let me know. Seriously, I love getting email and hearing from readers. Shoot me a note at email@example.com with your thoughts and I promise I'll respond.
If you found this interesting, you can sign up for updates when there's a new post. It's really easy: